Privacy Policy

ATLANTA WOMEN’S HEALTH GROUP, P.C.
www.awhg.org
NOTICE OF PRIVACY PRACTICE

THIS NOTICE DESCRIBES HOW MEDICAL INFORMATION ABOUT YOU MAY BE USED AND DISCLOSED AND HOW YOU CAN GET ACCESS TO THIS INFORMATION. PLEASE REVIEW IT CAREFULLY.

Atlanta Women’s Health Group, P.C. consists of wholly-owned subsidiaries where medical services are provided (collectively referred to herein as “AWHG”). AWHG and its subsidiaries are committed to treating and using protected health information (“PHI”) about you responsibly. This Notice of Privacy Practices (“Notice”) describes the personal information we collect, and how and when we use or disclose that information. It also describes your rights as they relate to your PHI. This Notice has been updated in accordance with the HIPAA Omnibus Rule effective March 26, 2013. It applies to all PHI as defined by federal regulations.

Understanding Your Health Record/Information

Each time you visit AWHG; a record of your visit is made. Typically, this record contains your symptoms, examination and test results, diagnoses, treatment, and a plan for future care or treatment. This information may be used or disclosed to:

• Plan your care and treatment.
• Communicate with other providers who contribute to your care.
• Serve as a legal document.
• Receive payment from you, your plan, or your health insurer.
• Assess and continually work to improve the care we render and the outcomes we achieve.
• Comply with state and federal laws that require us to disclose your PHI.

Understanding what is in your record and how your PHI is used helps you to: ensure its accuracy, better understand who, what, when, where, and why others may access your PHI, and make more informed decisions when authorizing disclosure to others.

Your Health Information Rights

Although your health record is the physical property of AWHG, the information belongs to you. Our subsidiaries use an
electronic medical record (“EMR”). You have the right to request to:

• Access, inspect and copy your health record. You have the right to inspect and/or request a copy of your medical record. You have the right to access your health record in a machine readable electronic format. You have the right to request an electronic copy of your medical record be given to you or transmitted to another individual or entity. AWHG may charge you a reasonable, cost-based fee for the labor and supplies associated with copying or transmitting the electronic PHI
• Amend your health record which you believe is not correct or complete. AWHG is not required to agree to the amendment if you ask us to amend information that is in our opinion: (i) accurate and complete; (ii) not part of the PHI kept by or for AWHG; (iii) not part of the PHI which you would be permitted to inspect and copy; or (iv) not created by AWHG, unless the individual or entity that created the information is not available to amend the information. If we deny your request, you may submit a written statement of disagreement of reasonable length. Your statement of disagreement will be included in your medical record, but we may also include a rebuttal statement.
• Obtain a written accounting of certain non-routine disclosures of your PHI. We are not required to list certain disclosures, including (i) disclosures made for treatment, payment, and health care operations purposes, (ii) disclosures made with your authorization, (iii) disclosures made to create a limited data set, and (iv) disclosures made directly to you. All requests for an “accounting of disclosures” must state a time period, which may not be longer than six (6) years prior to the date of your request. If we maintain your medical records in an EMR system, you may request that the accounting include disclosures for treatment, payment and health care operations for the three (3) years prior to the date of such request. You must submit your request in writing to the Practice Administrator at the telephone number of the specific subsidiary where you receive services. The first list you request within a 12-month period is free of charge, but AWHG may charge you for additional lists within the same 12-month period. AWHG will notify you of the costs involved with additional requests, and you may withdraw your request before you incur any costs.
• Communicate your PHI by alternative means (e.g., e-mail) or at alternative locations (e.g., post office box).
• Place a restriction to certain uses and disclosures of your information. In most cases AWHG is not required to agree to these additional restrictions, but if AWHG does, AWHG will abide by the agreement (except in certain circumstances where disclosure is required or permitted, such as an emergency, for public health activities, or when disclosure is required by law). AWHG must comply with a request to restrict the disclosure of PHI to a health plan for purposes of carrying out payment or health care operations if the PHI pertains solely to a health care item or service for which we have been paid out of pocket in full.
• Revoke your authorization to use or disclose PHI except to the extent that action has already been taken.
• Choose someone to act for you. If you have given someone healthcare power of attorney or if someone is your legal guardian, that person can exercise your rights and make choices about your PHI. AWHG will confirm the person has such authority and can act for you before it takes any action.
• Obtain a copy of this Notice of Privacy Practices. You have the right to request a paper copy of this Notice of Privacy Practices at any time, even if you have agreed to receive this Notice of Privacy Practices electronically.

Our Responsibilities

AWHG is required to:

• Maintain the privacy and security of your PHI
• Provide you with this Notice as to our legal duties and privacy practices with respect to information we collect and maintain about you.
• Abide by the terms of the Notice currently in effect.
• Notify you in writing if we are unable to agree to a requested restriction.
• Accommodate reasonable requests you may have to communicate PHI by alternative means or at alternative locations
• Notify you in writing of a breach where your unsecured PHI has been accessed, acquired, used or disclosed to an unauthorized person. “Unsecured PHI” refers to PHI that is not secured through the use of technologies or methodologies that render the PHI unusable, unreadable, or indecipherable to unauthorized individuals.

We reserve the right to change our practices and to make the new provisions effective for all PHI we maintain. Should our
information practices change, such revised Notices will be made available to you.

We will not use or disclose your PHI without your written authorization, except as described in this Notice.

For More Information or to Report a Problem

If have questions and would like additional information, you may contact:

Privacy Officer
Atlanta Women’s Health Group, P. C.
5780 Peachtree Dunwoody Road, Suite 300
Atlanta, Georgia 30342
Telephone: (404) 303-8435

If you believe your privacy rights have been violated, you can file a written complaint with AWHG’s Privacy Officer, or with the Office for Civil Rights, U.S. Department of Health and Human Services. Upon request, the Privacy Office will provide you with the address. There will be no retaliation for filing a complaint with either the Privacy Officer or the Office for Civil Rights.

Treatment: Information obtained by a nurse, physician, or other member of your health care team will be recorded in your medical record and used to determine the course of treatment that should work best for you. AWHG may also provide a subsequent healthcare provider with PHI about you (e.g., copies of various reports) that should assist him or her in treating you in the future. AWHG may also disclose PHI about you to, and obtain your PHI from, electronic health information networks in which community healthcare providers may participate to facilitate the provision of care to patients such as yourself.

AWHG may use a prescription hub which provides electronic access to your medication history. This will assist AWHG health care providers in understanding what other medications may have been prescribed for you by other providers. Payment: A bill may be sent to you or a third-party payer. The information on or accompanying the bill may include information that identifies you, diagnosis, procedures, and supplies used.

Payment: A bill may be sent to you or a third-party payer. The information on or accompanying the bill may include information that identifies you, diagnosis, procedures, and supplies used.

Health Care Operations: We may use information in your health record to assess the care and outcomes in your case and others like it. This information will then be used in an effort to continually improve the quality and effectiveness of the health care and service we provide.

Substance Use Disorder Treatment Records: If we maintain records about your substance use disorder (SUD) diagnosis, treatment, or referral that are protected under a separate federal confidentiality law (42 Code of Federal Regulations Part 2, often called “Part 2”), those records receive additional privacy protections beyond HIPAA.

Under this federal law:

• We will not use or disclose your Part 2–protected SUD treatment records in any civil, criminal, administrative, or legislative investigation or proceeding against you unless we first obtain:
  • Your written consent, or
  • A valid court order and subpoena as required by law.
• We will not share your Part 2–protected records for investigations or legal proceedings against you without your written permission or a proper court order.
• If we use or disclose your information for fundraising communications, and that information includes Part 2– protected records, we will provide you with clear notice and an opportunity to opt out of receiving those communications.

These additional protections apply only if we maintain substance use disorder treatment records that are subject to this federal law.

Business Associates: We may contract with third parties to perform functions or activities on behalf of, or certain services for, AWHG that involve the use or disclosure of PHI and disclose your PHI to our business associate so that they can perform the job we’ve asked them to do. We require the business associate to appropriately safeguard your information.

Notification: We may use or disclose information to notify or assist in notifying a family member, personal representative, or another person responsible for your care, your location, and general condition.

Communication from Offices: We may call your home or other designated location and leave a message on voice mail, or by email or mail, in reference to any items that assist AWHG in carrying out Treatment, Payment and Health Care Operations, such as appointment reminders, insurance items and any call pertaining to your clinical care. We may mail to your home or other designated location any items that assist AWHG in carrying out Treatment, Payment and Health Care Operations, such as appointment reminders, patient satisfaction surveys and patient statements.

Communication with Family/Personal Friends: Health professionals, using their best judgment, may disclose to a family member, other relative, close personal friend or any other person you identify, PHI relevant to that person’s involvement in your care or payment related to your care. When a family member(s) or a friend(s) accompany you into the exam room, it is considered implied consent that a disclosure of your PHI is acceptable.

Baby Photos: AWHG may post within its office photographs submitted by patients.

Open Treatment Areas: Sometimes patient care is provided in an open treatment area. While special care is taken to maintain patient privacy, others may overhear some patient information while receiving treatment. Should you be uncomfortable with this, please bring this to the attention of our Privacy Officer.

To Avert a Serious Threat to Health or Safety: We may use your PHI or share it with others when necessary to prevent a serious threat to your health or safety, or the health or safety of another person or the public.

Research: We may disclose information to researchers when their research has been approved by an institutional review board that has reviewed the research proposal and established protocols to ensure the privacy of your PHI. Even without that special approval, we may permit researchers to look at PHI to help them prepare for research, for example, to allow them to identify patients who may be included in their research project, as long as they do not remove, or take a copy of, any PHI. We may use and disclose a limited data set that does not contain specific readily identifiable information about you for research. But we will only disclose the limited data set if we enter into a data use agreement with the recipient who must agree to (1) use the data set only for the purposes for which it was provided, (2) ensure the security of the data, and (3) not identify the information or use it to contact any individual. AWHG may use a single compound authorization to combine conditioned and unconditioned authorizations for research (e.g. participation in research studies, creation or maintenance of a research database or repository), provided the authorization: (i) clearly differentiates between the conditioned (provision of research related treatment is conditioned on the provision of a written authorization) and unconditioned research components; and (ii) provides the individual with an opportunity to opt in to the unconditioned research activities. From time to time your physician may be the principal investigator of a research study. AWHG may engage a Business Associate to act under the direction of or on behalf of your physician to come to your physician’s office to review medical records to identify potential candidates for your physician’s research study. The Business Associate must comply with the following restrictions: (i) the use or disclosure is requested solely to review PHI as necessary to prepare a research protocol or for similar purposes preparatory to research; (ii), the PHI will not be removed from the AWHG office in the course of review, and (iii) the PHI for which use or access is requested is necessary for the research. The Business Associate shall provide your physician with a list of his or her patients who have been identified as potential candidates for such research study. AWHG staff or Business Associate under the direction of, or on behalf of your physician, may contact you to offer the opportunity to participate in the research study.

Coroners, Medical Examiners and Funeral Director: In the unfortunate event of your death, we may disclose your PHI to a coroner or medical examiner. This may be necessary, for example, to determine the cause of death. We may also release this information to funeral directors as necessary to carry out their duties.

Deceased Individuals: In the unfortunate event of your death, we are permitted to disclose your PHI to your personal representative and your family members and others who were involved in the care or payment for your care prior to your death, unless inconsistent with any prior expressed preference that you provided to us. PHI excludes any information regarding a person who has been deceased for more than 50 years.

Organ Procurement Organizations: Consistent with applicable law, we may disclose PHI to organ procurement organizations, federally funded registries, or other entities engaged in the procurement, banking, or transplantation of organs for the purpose of tissue donation and transplant.

Marketing: We may contact you by mail, e-mail or text to provide information about treatment alternatives or other health-related benefits and services that may be of interest to you. However, we must obtain your prior written authorization for any marketing of products and services that are funded by third parties. You have the right to opt-out by notifying us in writing.

Fund Raising: We may contact you as part of a fund-raising effort. We may also disclose certain elements of your PHI, such as your name, address, phone number and dates you received treatment or services at AWHG, to a business associate or a foundation related to AWHG so that they may contact you to raise money for AWHG . If you do not wish to receive further fundraising communications, you should follow the instructions written on each communication that informs you how to be removed from any fundraising lists. You will not receive any fundraising communications from us after we receive your request to opt out, unless we have already prepared a communication prior to receiving notice of your election to opt out.

Sale of PHI: AWHG may not “sell” your PHI (i.e., disclose such PHI in exchange for remuneration) to a third party without your written authorization that acknowledges the remuneration unless such an exchange meets a regulatory exception.

Health Oversight Activities: We may release your PHI to government agencies authorized to conduct audits, investigations, and inspections of our facility. These government agencies monitor the operation of the health care system, government benefit programs, such as Medicare and Medicaid, and compliance with government regulatory programs and civil rights laws.

Food and Drug Administration (FDA): We may disclose to the FDA PHI relative to adverse events with respect to food, supplements, product and product defects, or post marketing surveillance information to enable product recalls, repairs, or replacement.

Public Health: As required by law, we may disclose your PHI to public health or legal authorities charged with preventing or controlling disease, injury, or disability.

Workers Compensation: We may disclose PHI to the extent authorized by and to the extent necessary to comply with laws relating to workers compensation or other similar programs established by law.

Law Enforcement: We may disclose PHI for law enforcement purposes as required by law.

Inmates and Correctional Institutions: If you are an inmate or you are detained by a law enforcement officer, we may disclose your PHI to the prison officers or law enforcement officers if necessary to provide you with health care, or to maintain safety at the place where you are confined.

Lawsuits and Disputes: We may disclose your PHI if we are ordered to do so by a court that is handling a lawsuit or other dispute. We may also disclose your information in response to a subpoena, discovery request, or other lawful request by someone else involved in the dispute, but only if efforts have been made to tell you about the request or to obtain a court order protecting the information from further disclosure.

As Required by Law: We may use or disclose your PHI if we are required by law to do so.

Revised May 2026